Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IDS 4215, right place for a sniffing interface (DMZ or LAN)

from [Gary Halleen] Network Security [Permanent Link]
Subject: Re: IDS 4215, right place for a sniffing interface (DMZ or LAN)
Date: Thu, 05 Apr 2007 15:21:45 -0700 
It doesn't matter which interface is used for sensing and which for
monitoring as long as you use one for each.

Gary



On 4/4/07 7:48 PM, "zillah" <forwardtruth@yahoo.com> wrote:






The first thing you need to do is upgrade your sensor to version 5.1 or
6.0.
You have 4.1 software, which is no longer supported.  If you have
maintenance on your sensor, the upgrade is no charge.  If you do not have
maintenance (called Services for IPS), then you'll need to take care of
that
first.


Thanks Gary, yes I am aware of that.





The 4215 sensor has only two interfaces, and you need one for command and
control.  This is the interface that you'll assign an IP address to and
use
for management purposes.


Yes you are right .
According to the specification in the table 5-2 (under IDS 4125, same as
mine) from the link that I have posted for IDS 4125 , FastEthernet  0/1
should be for sensing purposes,,,,,,,,,,my case since I am looking to
monitor a traffic in the DMZ area, I should use Etherent 1 (not 0) for
monitoring (sensing) , right now Ethernet 0 (not 1) was used, and I guess
this is wrong ,,,,,,here was my query ?




------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to 
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 
to learn more.
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IDS Security Metris, Eric Hacker
Next by Date:  Re: Re: Is this for real?, phil . johnson
Previous by Thread:  Re: IDS 4215, right place for a sniffing interface (DMZ or LAN), zillah
Next by Thread:  Is this for real?, phil . johnson
Indexes:  [Date] [Thread] [Top] [All Lists]